# MCP Servers > Three ways to connect MCP servers to Aerostack — host your own on the edge, proxy an existing server with zero-trust secrets, or install from the Hub. One workspace URL for your entire team. Aerostack is the gateway layer for MCP servers. Connect any MCP server — whether you build it, already run it, or find it on the Hub — and expose it through a single workspace URL with encrypted secrets, per-user analytics, and team access control. Your team configures one URL in their editor. You control everything behind it. --- ## Three Modes Aerostack supports three ways to connect MCP servers, each for a different situation: | Mode | What it means | When to use | |------|--------------|-------------| | **Host on Aerostack** | Build your own MCP server, deploy to Cloudflare edge | You want to create a new MCP server with no infrastructure to manage | | **Proxy your existing MCP** | Register your MCP server's URL in Aerostack | You already run an MCP server and want team access + secret management | | **Install from Hub** | One-click install community MCP servers | You want GitHub, Stripe, Slack, Notion, or 30+ other integrations | ```mermaid flowchart LR subgraph Sources["MCP Sources"] A["Host on Aerostack(Cloudflare Edge)"] B["Proxy Existing MCP(Your Infrastructure)"] C["Install from Hub(Community Servers)"] end subgraph Gateway["Aerostack Workspace Gateway"] D["Secret InjectionAES-GCM Encrypted"] E["Per-User AnalyticsCloudflare Analytics Engine"] F["Access ControlPer-Member Tokens"] end subgraph Clients["AI Clients"] G["Cursor"] H["Claude Desktop"] I["VS Code Copilot"] J["Custom Agent"] end A --> D B --> D C --> D D --> E --> F F --> G F --> H F --> I F --> J ``` --- ## How It Fits Together Every MCP server you connect — regardless of mode — gets added to a **Workspace**. A workspace is a single gateway URL that composes all your MCP servers into one endpoint. Tools are namespaced by server slug. If you add a GitHub MCP and a Slack MCP to the same workspace, your AI client sees: ``` github__create_issue github__list_pull_requests slack__send_message slack__create_channel ``` One URL. One config. Every tool available. ```json { "mcpServers": { "my-workspace": { "url": "https://gateway.aerostack.dev/ws/my-workspace/sse", "headers": { "Authorization": "Bearer mwt_xxxxxxxx" } } } } ``` --- ## Key Differentiators ### Zero-Trust Secrets API keys are stored AES-GCM encrypted in Aerostack. They are injected at request time as headers or Bearer tokens. Team members connect via workspace tokens (`mwt_` prefix) and never see the underlying API keys. If someone leaves the team, revoke their workspace token. The production API keys stay untouched. ### Auto-Generated Docs & Capability Manifest Every hosted MCP server gets an auto-generated **Docs tab** in the Hub. When you deploy, Aerostack: 1. **Fetches your tool definitions** — calls `tools/list` on the deployed worker (with retry for propagation) 2. **Generates a capability manifest** — an AI-powered summary of what your MCP can do, what data types it works with, what it pairs well with, and when to use it 3. **Extracts config schema** — reads your `aerostack.toml` env vars and creates a structured auth/setup guide 4. **Keeps tools fresh** — an hourly cron re-fetches tool definitions from all hosted MCPs so the catalog stays up-to-date The capability manifest powers intelligent tool discovery — agents can search for MCPs by what they *do*, not just by name. ### Per-User Analytics Every tool call is logged per user via Cloudflare Analytics Engine. You see exactly who called what tool, when, and how often — without any instrumentation on your side. ### Plan-Tiered Rate Limiting MCP workspace gateway requests are rate-limited per plan tier: | Plan | Gateway Requests/min | |------|---------------------| | Free | 60 | | Starter | 300 | | Pro | 1,200 | | Business | 6,000 | This prevents abuse while giving paid users the throughput they need. ### Team Access Control Each team member gets their own workspace token. Invite, revoke, and audit access from the Admin dashboard. No shared credentials. No key rotation when someone leaves. --- ## Use Cases ### Internal Team Toolkit 30 engineers using Cursor. One workspace URL. Every engineer gets a personal `mwt_` token. Install your internal MCP servers (CRM, deploy pipeline, incident response) and they appear for everyone instantly. Remove a tool and it disappears for the whole team. ### API Gateway for AI Tools (Proxy Mode) You already run MCP servers on your infrastructure. Register them in Aerostack as proxied servers. Aerostack becomes the gateway — injecting secrets, logging analytics, enforcing access. Your engineers connect to the workspace URL and never touch production API keys. ### Secret-Free Developer Access Developers using Cursor or Claude Desktop connect to your workspace URL with their personal token. Behind the scenes, Aerostack injects the Stripe API key, GitHub token, or database credentials. The developer's laptop never has production secrets. If a laptop is compromised, revoke one token — not your API keys. ### Usage Monitoring and Compliance Every tool call is attributed to a specific user. See who created GitHub issues, who queried the database, who sent Slack messages — all through the analytics dashboard. Export logs for compliance audits. ### Community Contribution Build an MCP server, publish it to the Hub. Other Aerostack users install it with one click. Your server runs on Cloudflare edge with zero infrastructure cost to you. --- ## Concepts | Concept | What it is | |---------|-----------| | **MCP Server** | A connector exposing tools via the Model Context Protocol (e.g., GitHub, Stripe, your custom API) | | **Workspace** | A named collection of MCP servers exposed through a single gateway URL | | **Gateway** | The HTTPS endpoint that routes tool calls to the right MCP server, injecting secrets and logging analytics | | **Workspace Token** | A per-member `mwt_` token used to authenticate with the gateway | | **Skill** | A single atomic tool within an MCP server (e.g., `github__create_issue`) | | **Function** | TypeScript business logic on Cloudflare edge — can back a hosted MCP server | | **Secret** | An AES-GCM encrypted credential (API key, token) injected at request time | --- ## What Makes Aerostack Different | Platform | What they offer | What they lack | |----------|----------------|----------------| | Smithery / Glama | MCP server directories | No proxy mode, no encrypted secrets, no per-user analytics | | Zapier MCP | Single URL for Zapier actions | Closed ecosystem, no custom MCP servers, no team tokens | | Self-hosted gateway | Full control | You build and maintain secret injection, analytics, access control | Aerostack gives you: 1. **Three connection modes** — host, proxy, or install from Hub 2. **Zero-trust secrets** — AES-GCM encrypted, injected at request time, never exposed 3. **Per-user analytics** — every tool call attributed to a specific team member 4. **One gateway URL** — add MCP servers, they appear for the whole team 5. **Cross-LLM** — works with Claude, ChatGPT, Gemini, Cursor, and any MCP client --- ## Next Steps - [Quick Start -- choose your path](/mcp/quick-start) - [Install an MCP from the Hub](/mcp/install-from-hub) - [Host your own MCP server](/mcp/host-on-aerostack) - [Proxy an existing MCP server](/mcp/proxy-existing) - [Secrets and security](/mcp/secrets-security) - [Team management](/mcp/team-management) - [Function-backed skills](/mcp/function-backed) - [Use with any LLM](/mcp/cross-llm)